The present invention relates to data protection, and more specifically, this invention relates to hypervisor and Virtual Machine (VM) security frameworks using a centralized authority with revocation capability.
In computing, a VM is an emulation of a particular computer system. Virtual machines operate based on the computer architecture and functions of a real or hypothetical computer, and their implementations may involve specialized hardware, software, or a combination thereof.
A hypervisor, sometimes referred to as a virtual machine monitor, is a piece of computer software, firmware and/or hardware which is able to create and/or run VMs. Moreover, an overlay network can be implemented using a certain number of VMs, wherein a hypervisor controls the processing of networking packets in and out of each VM, one or more of which may be associated with an overlay network.
Data protection and security are becoming increasingly important between VMs and hypervisors. As technology changes over time, malicious activity and theft transform to take advantage of new exposures that are created. Moreover, sensitivity of the data vulnerable to such attacks underscores the importance and impact of these threats.
Today there is little other than standard antivirus programs to protect VMs and hypervisors, among other VM monitors. Often when a malicious VM is started, it can cause damage before even being recognized by these standard antivirus programs. Also, with current backup and replication practices, once malicious software is introduced to a virtual network, it can be almost impossible to completely remove the malicious software from the user's portfolio of systems.